package com.example.servlet;

import com.example.model.User;
import com.example.util.DBUtil;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.sql.*;

@WebServlet(name = "ProfileServlet", urlPatterns = "/profile")
public class ProfileServlet extends HttpServlet {
    
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) 
            throws ServletException, IOException {
        HttpSession session = request.getSession();
        User currentUser = (User) session.getAttribute("user");
        
        if (currentUser == null) {
            response.sendRedirect("login.jsp");
            return;
        }
        
        // 从数据库获取最新的用户信息
        try (Connection conn = DBUtil.getConnection()) {
            String sql = "SELECT * FROM users WHERE id = ?";
            PreparedStatement stmt = conn.prepareStatement(sql);
            stmt.setInt(1, currentUser.getId());
            ResultSet rs = stmt.executeQuery();
            
            if (rs.next()) {
                User user = new User();
                user.setId(rs.getInt("id"));
                user.setUsername(rs.getString("username"));
                user.setPhone(rs.getString("phone"));
                user.setAddress(rs.getString("address"));
                user.setStatus(rs.getString("status"));
                user.setAdmin(rs.getBoolean("is_admin"));
                
                session.setAttribute("user", user);
            }
        } catch (SQLException e) {
            e.printStackTrace();
            request.setAttribute("error", "获取用户信息失败: " + e.getMessage());
        }
        
        request.getRequestDispatcher("user-profile.jsp").forward(request, response);
    }
    
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) 
            throws ServletException, IOException {
        HttpSession session = request.getSession();
        User currentUser = (User) session.getAttribute("user");
        
        if (currentUser == null) {
            response.sendRedirect("login.jsp");
            return;
        }
        
        String username = request.getParameter("username");
        String phone = request.getParameter("phone");
        String address = request.getParameter("address");
        String newPassword = request.getParameter("newPassword");
        
        try (Connection conn = DBUtil.getConnection()) {
            String sql;
            PreparedStatement stmt;
            
            if (newPassword != null && !newPassword.trim().isEmpty()) {
                // 更新密码
                sql = "UPDATE users SET username = ?, phone = ?, address = ?, password = ? WHERE id = ?;";
                stmt = conn.prepareStatement(sql);
                stmt.setString(1, username);
                stmt.setString(2, phone);
                stmt.setString(3, address);
                stmt.setString(4, newPassword);
                stmt.setInt(5, currentUser.getId());
            } else {
                // 不更新密码
                sql = "UPDATE users SET username = ?, phone = ?, address = ? WHERE id = ?;";
                stmt = conn.prepareStatement(sql);
                stmt.setString(1, username);
                stmt.setString(2, phone);
                stmt.setString(3, address);
                stmt.setInt(4, currentUser.getId());
            }
            
            int result = stmt.executeUpdate();
            
            if (result > 0) {
                // 更新session中的用户信息
                currentUser.setUsername(username);
                currentUser.setPhone(phone);
                currentUser.setAddress(address);
                session.setAttribute("user", currentUser);
                
                request.setAttribute("success", "个人信息更新成功！");
            } else {
                request.setAttribute("error", "更新失败，请重试");
            }
            
        } catch (SQLException e) {
            e.printStackTrace();
            request.setAttribute("error", "更新失败: " + e.getMessage());
        }
        
        request.getRequestDispatcher("user-profile.jsp").forward(request, response);
    }
} 